BPQ Home   BPQ32 Home

BPQ32 IP Gateway

Introduction:

IP Gateway links systems using IP over ax.25 with those using IP over Ethernet. It can monitor ARP frames to build a simple routing table, or static ARP and Route entries may be defined. It includes an APRMNet encapsulator and RIP44 processor, allowing packets to be routed over Internet tunnels to other AMPRNet sites.

The Portmapper funcion, which used to be part of IP Gateway, is now a separate feature.

Environment.

The software uses pcap to create a virual IP host. This is a standard feature of most Linux system but on Windows uses the WINPCAP library, obtainable from www.winpcap.org.


Windows uses PCAP to send to both the local host (the machine running BPQ) and to other machines on the same LAN.

On Linux, the local machine doesn't see packets sent via pcap, so it uses a TAP device for the local host, and pcap for other addresses on the LAN. The TAP is created dynamically - it doesn't have to be predefined. An ARP entry for the LinBPQ IPADDR is added to the host, pointing to the TAP. The TAP runs unnumbered

44 addresses can be NAT'ed to the local LAN address, so hosts don't have to have both an ISP and a 44 address. You can run your local LAN as 44, but I would expect most uses to prefer to keep their LAN with its normal (usually 192.168) addresses.

If the PC address isn't the same as the IPGateway IPAddr a NAT entry is created automatically.

Unless the config statement NODEFAULTROUTE is specfied an Interface Route to 44/8 will be added to the host, so that any traffic for 44 addresses will be sent to BPQ.

IPGateway also provides a very limited SNMP server, primarily to permit MRTG to be used to graph the traffic on your ports. It supports SNMP GET on sysName, sysUpTime, ifInOctets and ifOutOcters.

Configuration.

The Configuration is supplied in bpq32.cfg.

The following Configuration Parameters are required:

ADAPTER is the ethernet adapter device name. Under XP and later systems. this is an encoded UID, which can be obtained by running the supplied program "bpqadapters". This will list all installed adapters with their real and "friendly" names, You can cut and paste the required value. On Linux is is the interface name eg eth0.


44ENCAP Virtual Host enables the AMPRNET IPIP Tunnel system and the RIP44 Process.
A Virtual IP address is used as the IPIP tunnel enspoint. A lot of domestic routers don't support forwarding IP Protocol 4, so the Tunnel Endpoint has to be placed in a DMZ. By using a separate address the host itself isn't exposed to the Internet. The 44ENCAP IP address must be different from the host's IP address.

NODEFAULTROUTE Normally if you are running the AMPR Encap process an interface route to 44.0.0.0/8 is added to the host routing table so all 44 net traffic will be sent to BPQ. If you don't want this, you can specify NODEFAULTROUTE.

IPADDR is the IP address of the BPQ32 switch on your LAN. This should be an unused address from your AMPRNet allocation. (NOT the IP address of the PC, unless you are using 44 addresses for your LAN).

IPNetMask is the network mask for your AMPRNet allocation. Alternatively you can specify the mask on the IPADDR statement using the Address/Mask syntax, eg IPADDR 44.131.56.0/29

IPPORTS The BPQ Ports to be used for links to IP over ax.25 systems. List of ports, separated by commas

ARP adds static entries to the ARP table. Format is ARP IPADDR CALLSIGN Port and Mode (D=Datagram, V=Virtual Circuit)

ROUTE adds static Route entries. Format is ROUTE TARGETNET/MASK GATEWAY [Mode]. If Mode is 'T', then the route is via an AMPRNET Tunnel, and GATEWAY is the tunnel endpoint. Unless you are using Tunnel Routes, a ROUTE entry should normally be preceeded by an ARP entry for the gateway - see exmaple below. An ARP entry will create a Host Route entry for the spcified address.

The progrma can also process entries copied from the AMPRNET encap.txt file, but normally Tunnel Routes would be installed via the RIP44 process.

NAT tanslates incoming 44 addresses to local lan addresses and outgoing lan addresses to 44 ddresses. For example if my 44 allocation was 44.131.11.1/27 and I had a PC on my LAN with an adress of 192.168.1.101 I could specify

NAT 44.131.131.2 192.168.1.101

Stations on APMRNET could then access my PC a 44.131.11.2. Note that a NAT entry from the address specified in IPADDR to tha addresss of device specified in ADAPTER is automaticaly added.

Node Commands

There a four Node commands associated with IPGateway. PING a.b.c.d (not host name), ARP (display ARP table) IPR (display IP Routing table) and NAT (display NAT Table). IPR can be followed by a filter string and the only lines containing that string will be displayed, eg IPR 44.131.56.

Sample Config


IPGATEWAY

Adapter \Device\NPF_{ECDB1154-982B-48D3-A394-785AC42588E3}  # Windows
Adapter eth0                                                # Linux

44ENCAP 192.168.1.10         # Enable AMPRNET Tunnels and RIP44. Use 192.168.1.10 as Tunnel Enpoint
IPAddr 44.131.56.1           # IP address of the BPQ32 switch on your LAN
IPNetmask 255.255.255.248    # Netmask of your AMPRNet allocation
IPPorts 1,3,7                # BPQ Ports to be used for links to IP systems. List of ports, separated by commas

NAT 44.131.56.2 192.168.x.x	 # 192.168.x.x is the LAN address of another PC that I want to have access to AMPRNET

ARP 44.131.56.6 G8BPQ-8 1 D	 # 44.131.56.6 is reachable over radio port 1 

ARP 44.131.11.1 GM8BPQ-7 1 D     # ARP entry for Gateway below
ROUTE 44.131.11.0/29 44.131.11.1 # All subnet 44.131.11.0/29  is reachable over radio link 1 to GM8BPQ-7

route addprivate 44.131.56/29 encap 81.153.51.216  # AMPRNET Tunnel route in encap.txt format (not recommended)

****


John Wiseman G8BPQ
October 2010
Updated July 2015